﻿using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data.SqlClient;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace DelonixRegiaSystem.Classes
{
    class DBLogin
    {
        public static string LoginValiate(string username, string pwd)
        {
            string staffType = "";
            SqlConnection conn = null;
            try
            {
                conn = new SqlConnection();
                conn.ConnectionString = ConfigurationManager.ConnectionStrings["DelorixConnectionString"].ConnectionString;
                conn.Open();
                SqlCommand comm = new SqlCommand();
                comm.Connection = conn;

                comm.CommandText = "SELECT staffType from staff where staffNum in (SELECT staffNum from account where username=@username and password=@password)";
                comm.Parameters.AddWithValue("@username", username);
                comm.Parameters.AddWithValue("@password", pwd);

                SqlDataReader dr = comm.ExecuteReader();
                if (dr.Read())
                {
                    staffType = Convert.ToString(dr[0]);
                }

                conn.Close();
            }
            catch (Exception ex)
            {
                throw ex;
            }
            return staffType;
        }

    }
}
